[MAGNOLIA-8563] CorsResponseFilter may add additional value for Access-Control-Allow-Origin causing request errors Created: 20/Sep/22  Updated: 02/Nov/22  Resolved: 02/Nov/22

Status: Closed
Project: Magnolia
Component/s: None
Affects Version/s: None
Fix Version/s: 6.3.0, 6.2.26

Type: Bug Priority: Neutral
Reporter: Jaroslav Simak Assignee: Marek Strucka
Resolution: Fixed Votes: 0
Labels: quickwin
Σ Remaining Estimate: Not Specified Remaining Estimate: Not Specified
Σ Time Spent: Not Specified Time Spent: Not Specified
Σ Original Estimate: Not Specified Original Estimate: Not Specified

Issue Links:
Problem/Incident
Sub-Tasks:
Key
Summary
Type
Status
Assignee
MAGNOLIA-8597 Implementation Sub-task Completed Marek Strucka  
MAGNOLIA-8598 Review Sub-task Completed Jaroslav Simak  
MAGNOLIA-8599 PiQA Sub-task Completed Milan Divilek  
MAGNOLIA-8600 QA Sub-task Completed Jaroslav Simak  
Template:
Acceptance criteria:
Empty
Task DoD:
[X]* Doc/release notes changes? Comment present?
[X]* Downstream builds green?
[X]* Solution information and context easily available?
[X]* Tests
[X]* FixVersion filled and not yet released
[ ]  Architecture Decision Record (ADR)
Bug DoR:
[X]* Steps to reproduce, expected, and actual results filled
[X]* Affected version filled
Date of First Response:
Epic Link: Support
Sprint: DevX 22
Story Points: 2
Team: DeveloperX

 Description   

Steps to reproduce

  1. Add AddHeadersFilter before cors filter
  2. Add Access-Control-Allow-Origin header with some value
  3. Set headers in the cors filter or in site
  4. Make request to trigger cors error

Expected results

  1. No error in making the request

Actual results

  1. Error because multiple values are set for Access-Control-Allow-Origin

Workaround

Development notes

  1. Change addHeader to setHeader in CorsResponseFilter#addStandardHeaders for Access-Control-Allow-Origin

Generated at Mon Feb 12 04:33:49 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.